I hv Cent OS 5.3 installed as server. I hv a network of approx 100 desktops and laptops. For a security purpose i want to block certain laptops from gaining a the network access using dhcp. Can we block the ip address leasing if a specific MAC address request for a ip lease?
View 7 Replies
I would like to COMPLETELY block a specific IP address using iptables. I found this one:
Code:
iptables -A INPUT -p tcp -s xxx.xxx.xxx.xxx -j REJECT --reject-with tcp-reset
Will this work? How do I undo the changes later?
Im trying to setup dhcpd to put certain systems witch have mac address starting with 08:00:* in a certain ip class. How can this be done?So any system with mac address starting with 08:00 to get an ip from this range 192.168.12.2-192.168.12.99.
View 11 Replies View RelatedHow to block an ip address from mikrotik so that when a fake user use this ip he doesn't get internet but in the mean time real user gets internet. Real user will not harm if fake user trying to access.
View 3 Replies View RelatedI need to block mac address in my network then i foolowed as below acl's but am getting output as follows I tried as in /etc/squid/squid.conf acl block arp aa:aa:yy:yy:xx:xx http_access deny block but it give me error as like: - (This is the output of # squid -k parse) aclParseAclLine: Invalid ACL type 'arp' FATAL: Bungled squid.conf line 1234: acl block arp aa:aa:yy:yy:xx:xx squid Cache (Version 2.5.STABLE6): Terminated abnormally.
View 7 Replies View RelatedI have UBUNTU server 10.04 LTS with 3 NIC "eth0" local and eth1,2 as internet connection and it acts as firewall, http proxy and samba file server ,I installed Zentyal panel manager for my server for easier management I did not configure any specific rule for my firewall but I have some problem with my clients who wants to connect to my server as gateway or as file server even my self experienced these problems too. these problems are as follow:
1. some time for a few minutes (maximum 10 minutes) my server block some of my clients to access it or internet but just for minutes but it is very annoying.
2. all of my clients those who login to an https servers or login to their mail or those who has some software like team viewer say that they are logging out from their session randomly I mean some of them logging out from their mail(yahoomail or googlemail ) or disconnecting from teamviewer connection or as I saw team viewer disconnecting for a few seconds and then comes back again. but I did not set any thing in my firewall or other services. this is my complete iptable rules:
I've a question about how work dhcpd. I'm on CentOS 5.6. I has a dhcpd server on it. His configuration:
authoritative;
ddns-update-style none;
deny declines;
deny bootp;
option domain-name "mydomain.domain";
option domain-name-servers IP;
option routers IP;
option time-offset -18000;
#option ntp-servers IP;
subnet IP netmask MASK {
range IP START IP END ;
default-lease-time 86400;
max-lease-time 172800; }
And now in the /var/lib/dhcpd/dhcpd.lease file, there few entrie for the same IP. Sometime I've ten same entries for the same IP. Can I have only one entrie by IP? Is there any problems in my configuration of my dhcpd.conf file?
I am puzzled with trying to configure a linux (openSUSE) client to dhcp to eBox DHCP server. I am using dhclient to lease an IP address with dhclient eth0 -s 10.45.48.108 and get a response
openSUSE11232CL1 dhclient: DHCPDISCOVER on eth0 to 10.45.48.108 port 67 interval 4
openSUSE11232CL1 dhclient: DHCPOFFER from 10.45.48.108
openSUSE11232CL1 dhclient: DHCPREQUEST on eth0 to 10.45.48.108 port 67
openSUSE11232CL1 dhclient: send_packet: Network is unreachable
openSUSE11232CL1 dhclient: send_packet: please consult README file regarding broadcast address.
The server reports eBox141 dhcpd: DHCPDISCOVER from 00:0c:29:3e:57:a3 (openSUSE11232CL1.domain.net) via eth0
eBox141 dhcpd: DHCPOFFER on 10.45.200.2 to 00:0c:29:3e:57:a3 (openSUSE11232CL1.domain.net) via eth0
I interpret this as the server receives the request and the client accepting it but the lease does not last long and the connection breaks. what this could be and why the connection breaks? Or my undestanding is totally wrong on how it works and should work? And BTW, where is that README file that's referenced in the message I receive on the client?
I have a dhcpd server running CentOS and Webmin. I noticed in my lists of expired leases some of the lease times are only a few hours even thought I have lease length set to 1 week. I want to keep a lease for a week even if the device requests that it be expired. Is there some way I can do this in dhcpd? I am attaching a screenshot of some of my lease times listed in Webmin.
View 4 Replies View RelatedI have create distro groups in zimbra and have add member sin there. when i connect an account on mapi etc. [URL] i have create a persona in order client to send from [URL] rather than [URL] How can i restrict inside postfix to relay using [URL]?
View 1 Replies View RelatedI'm running gnome desktop on squeeze system. When I boot my system seems to be using my internet modem as its dhcp server. The rest of the machines on my lan are correctly using my router for that purpose. As a result, what happens then is that my debian machine frequently gets a duplicate ip address assigned to it. I would like to specify to my debian computer that I want it to use the specific fixed ip address of my router for dhcp purposes.
View 9 Replies View RelatedI'm trying to get dhcpd to use a specific IP address as the source address for responses it uses an IP address for. I coded "local-address 172.30.0.4" in the config file. For some responses it uses this address. For some other responses it does not. In those cases it uses the IP address that is the first on the interface. Is there another configuration I should be using, instead?
View 2 Replies View RelatedI wish to intercept/forward emails that is sent to one user on multi user mail server.I only want email from one specific address or group,to be redirected and it will be redirected to another user on same server.The email should not arrive in original users inbox.".forward" file can not give me such solution,because ".forward" file will forward all mails to another specific mail id,which i don't want. I want only specific users mails onto another local user.Is this possible in sendmail?Anybody have clear idea of "virtusetable" & "aliases" file?
View 1 Replies View RelatedI've set up a permanent DHCP lease for my MAC address. I did this hoping to resolve the fact that I share my Internet ADSL connection with my wife and my daughter (the latter a great bandwidth hog)!
View 5 Replies View RelatedIf I give "ifconfig" in my laptop I get eth0,lo,wlan0.In that where do I find my Ip address in Ubuntu in 10.04. In eth0 I dont find inet address.Where can I find it?
View 2 Replies View RelatedHow to find IP address of computers in LAN served by simple DHCPd (in ADSL modem - without IP reservations/MAC address).
So is in Ubuntu something like on-fly name resolution in Windows ? Without running DNS server with some kind of DynDNS ?
e.g.
My comp has hostname "GoGo" but I get random IP address from DHCP.
How can other PC on same LAN resolve my changing IP address ?
i am pretty much brand new to ubuntu i have messed around with it a little and have gotten my apache2 server up and running what i have some questions on is
1. How can i give my server a actual address and not my ip address?
2. Is there any way i can put like forum software on part of it? if so how?
3. What is the best way to write web pages i know some html so thats how i was able to write what i have now just wondering what best way is
I want to know how to bind Ip addresses to its mac addresses in Squid Proxy
View 5 Replies View RelatedI want to ask about securing the FTP connection... I have one server that Installed with Redhat Linux Fedora 6.
And now, i want to securing the FTP access, so only the selected IP will be allowed to connect. Do anyone know how to do this?
Another thing is, my server using Webmin 1.3 to manage the server and there not installed / not configured yet with Frox FTP, ProFTPD Server, WU-FTP Server... even there is such thing in my Webmin...
Can i make use one of the three FTP i mention above, and if yes, will it be affecting the current FTP access?
I'm assuming that the following should block the complete 178.123.xxx.xxx address range.
Code:
iptables -I INPUT -s 178.123.0.0/24 -j DROP
Then I believe that I need to save this change.
Code:
service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
However, I'm not so sure that it is actually working based on the fact that there continues to be access to my wiki from that address range. The following is after I made the firewall change.
Quote:
178.123.177.61 - - [31/Dec/2010:04:24:40 -0500] "GET /mywiki/Opera%20Web%20Browser?action=edit&editor=text HTTP/1.1" 200 6346 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
code....
Let me state that I'm new at this iptables thing. I did some reading and decided that I need to make the above change to the firewall but it doesn't seem to make a difference.
I am setting up a iptables firewall on one of our servers, and I would like to block a range of addresses from getting into the system. I am using a script that does a BLACKIN and BLACKOUT methodology for specific addresses. One example is the following:
Code:
$IPTABLES -A BLACKIN -s 202.109.114.147 -j DROP
...
$IPTABLES -A BLACKOUT -d 202.109.114.117 -j DROP
What would be the correct syntax to use if I wanted to block an entire remote subnet from getting into the server?
I have one server that has Asterisk running.On front of that, I use DD-WRT router as gateway. As I have checked the log files, I saw that there is a specific IP Address that is continuously accessing the application and trying to authenticate to SIP with a series of extensions. This is like DoS attack for SIP. What I did was to block/drop the IP in DD-WRT using the iptables. I can see from the /proc/net/ip_conntrack that it is being "UNREPLIED". But my concern is that does it still uses a lot of bandwidth even though it is already being blocked?
View 14 Replies View RelatedI dont know for what reason, I started having this message whenever I try to start httpd.
I commented "Listen 443", restarted httpd started correctly.
I issued "lsof -iTCP:443", I get
Quote:
I can not understand where this come from and why. It seems that it is IPV6 protocol which is in fact not enabled on the network card.
Also, I can not find or dont know where 443 is configured apart from ssl.conf or httpd.conf
Today, I have added xrdp applications in order to be able to connect using RDP.
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down. Unable to open logs
I am new to apache2 server i have been trying to start the server using the default httpd.conf file provided in the source code but when i give the following command sudo /usr/local/apache/bin/apachectl start i receive the above error and the server shuts down.
i have followed web site [URL] for MAC to IP bind but it dont work on my system
Code:
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
[code].....
I installed the Centos 5.5 and after the Xen. After I put a virtual machine named VM01.Initially it worked properly, I tried everything and it worked.When rebooted, I had problems with the network.I have two network cards eth0 and eth1, but eth1 does not have any ip and I use only eth0.The error that appears is:
vif0.0: received packet with own address the source address
i am using openssh 5.2-p1, i want to restrict user "admin" to login to the server from a specific IP address, for this purpose i have tried the following blocks in sshd_config file.Following is the part of the sshd_config file which i have modified
#The following commands will only allow specific IP to login to ssh.
#AllowUsers admin user1 user2
#AllowGroups
# override default of no subsystems.Subsystem sftp internal-sftp
Match Group sftpgroup
ChrootDirectory /home
AllowTCPForwarding no[code].....
i want to restrict admin user to login to the server only from 172.16.100.221 IP which can be done by using AllowUser line, but i dont want to use AllowUser line,
Is there a way of allowing only certain domain to send e-mails to certain specific e-mail address. I am using Sendmail, and I have an alias which translate to certain members of staff within my organization. I don't expect e-mails from outside our domain to be sent to this alias e-mail address.
View 1 Replies View RelatedI have a user who was getting constantly spammed so I deleted their email account but it's still coming in and trying to get delivered, how do drop all email for a specific email address?
View 4 Replies View Relatedhow to block a specific MAC address
View 2 Replies View Related
